DATA PROTECTION AND PRIVACYTEAM MEMBERS

KINJAL METHAKARNITA SHAHHIMANSHU JAINAAYuSH ADUkIA

CHINTAN SANGHAVI

CONTENTS1. DEFINITIONS...................................................................................................................................3

2. DATA PROTECTION V/S PRIVACY..............................................................................................4

3. NEED OF DATA PROTECTION.....................................................................................................5

4. CYBER SECURITY...........................................................................................................................7 CLASSIFICATION OF CYBER SECURITY PREVENTIVE MEASURES CASE STUDY

5. METHODS OF DATA PROTECTION............................................................................................11 ENCRYPTION OF DATA SSL FIREWALL ANTISPYWARE AND ANTIVIRUS OTHER MEASURES

6. SPDI RULES....................................................................................................................................16

7.HOW TO LOGDE A COMPLAINT IN CASE OF CYBER CRIME....................................................17

8.Penal Provisions Relating To Data Protection Laws In India.................................................18

Definitions• Data protection It is the process of safeguarding important information from corruption and loss.• PrivacyIt is the ability of an individual or organization to determine what data in a communication system can be shared with third party.

Data protection v/s privacy

Data protection• Securing data from

unauthorized access

• Technical issue• USA• Identifying rules and

practices regarding collection processing of personal information.

Privacy• Authorized access who

has it and who defines it

• Legal issue

Need of data protectionInternet

Political

Medical

Cable television

Need of data protectionLocational

Educational

Financial

WHAT IS CYBER SECURITY?

Cyber security is the body of technologies, processes and practices designed to protect

networks, computers, programs and data from attack, damage

or unauthorized access.

CLASSIFICATION OF CYBER CRIMES

Against persons

• E-mail Spoofing• Hacking

Against Property

• Cyber Squatting• Cyber Trespass

Against Society

• Child Pornography• Financial Crimes

SOME IMPORTANT PREVENTIVE MEASURES

• Identification of exposures through education will assist responsible companies and firms to meet these challenges.

• One should avoid disclosing any personal information to strangers via e-mail or while chatting.

• One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.

CASE STUDY• Worm Attack: The Robert Tappan Morris well

Known as First Hacker, Son of former National Security Agency Scientist Robert Morris, was the first person to be prosecuted under the ‘Computer and Fraud Act, 1986’. He has created worm while at Cornell as student claiming that he intended to use the worm to check how large the internet was that time. The worm was uncontrollable due to which around 6000 computer machines were destroyed and many computers were shut down until they had completely malfunctioned. He was ultimately sentenced to three years probation, 400 hours of community service and assessed a fine of $10500. So there must be strict laws to punish the criminals who are involved in cyber crime activities.

METHODS OF DATA PROTECTION1. Encryption of data

Conversion of plain text into cipher text is called encryption.

Decryption means to translate convert cipher text into plain text.

Even if hacker obtain the encrypted data , he cannot understandthe information.

2. SSL (Secure Sockets Layer) Secure Sockets Layer is the standard security technology for establishing an encrypted link between a web server and a browser.This link ensures that all data passed between the web server and browsers remain private and integral.

Hello, let’s set up a secure SSL session

01010010110 l 01010010110

Here is a one time, encryption key for our session

Server decrypts session ley using its Private key and establishes

a secure session.

1st

2nd

3nd

3. FIREWALLA firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Packet Filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules

Proxy Server: Intercepts all messages entering and leaving the network

Application-layer firewalls:Recognize when certain applications and protocolssuch as HTTP, FTP and DNS -- are being misused.

4. ANTIVIRUS & ANTISPYWARE

Anti-spyware software is a type of program designed to prevent and detect unwanted  spyware programinstallations.

Anti-virus software is a software utility that detects, prevents, and removes viruses,worms, and other malware from the computer.

5. Other necessary steps1. Do Background checks.

2. Atleast 2 reference for new employee.

3. Use strong passwords and change the frequently.

4. Stopping usage of cracked or hacked application.

SPDI RULES• Sensitive personal data or information• Body corporate to provide policy for

privacy and disclosure of information• Collection of information• Disclosure of information• Transfer of information• Reasonable Security Practices and

Procedures

HOW TO LODGE A COMPLAINT IN

CASE OF A CYBER CRIMEFILE A COMPLAINT IN THE CYBER

BRANCH

PROVIDE DETAILS

SUBMIT REQUIRED DOCUMENTS

Penal Provisions Relating To Data

Protection Laws In India

•Section 43A- Failure To Protect Data Damages by way of compensation – 1) unto Rs.5 cores (adjudicating officer) 2) above Rs.5 cores (civil court)

•Section 65- Hacking/Tampering Imprisonment unto 3 years or fine unto Rs.2 lakh or both.

• Section 66C- Identity Theft Imprisonment unto 3 years and fine unto Rs.1 lakh.

• Section 66E-Violation Of Privacy Imprisonment unto 3 years or fine unto 2 lakhs or both.

•Section 67C - Preservation And Retention Of Information By Intermediaries Imprisonment up to 3 years.

•Section 72-Breach Of Confidentiality And Privacy Imprisonment up to 2 years or fine up

to 1 lakh or both.

•Section 72A- Disclosure Of information In breach Of lawful Contract Imprisonment unto 3 years or fine

up to 5 lakhs or both.

•Data protection and its privacy plays the crucial role for the survival of the companies.

•Traditionally it was difficult to maintain and save the data and records from unfaithful employees in the organization but due to advanced backup and privacy facilities of data , the job got much easier.

•Each and every organization's fortune and its survival depends on its data protection and its privacy policy as it becomes tedious job to record the data again and again on its deletion.

CONCLUSION

BIBLOGRAPHYhttp://www.sirhow.com/cyber-crime-complaint-online-in-india/

http://www.wipo.int/edocs/lexdocs/laws/en/in/in098en.pdf

http://googleweblight.com/?lite_url=http://mobile.smallbusinesscomputing.com/webmaster/article.php/3908811/15-Data-Security-Tips-to-Protect-Your-Small-

Business.htm&ei=NHx5_DPU&lc=en-IN&s=1&m=682&host=www.google.co.in&ts=1484047412&sig=AF9NedlLM1iX3Rm_bUAnmw1nE

rfRlnRyJg

THANKYOU